[pushed] Fix UBSAN in __ubsan::Value::getSIntValue

Message ID a905bb08-8c73-e6cc-d7a3-0b3764f868ee@suse.cz
State New
Headers show
Series
  • [pushed] Fix UBSAN in __ubsan::Value::getSIntValue
Related show

Commit Message

Martin Liška Feb. 23, 2021, 10:15 a.m.
The patch is LLVM backport.

Applied to master.

/home/marxin/Programming/gcc2/libsanitizer/ubsan/ubsan_value.cpp:77:25: runtime error: left shift of 0x0000000000000000fffffffffffffffb by 96 places cannot be represented in type '__int128'
     #0 0x7ffff754edfe in __ubsan::Value::getSIntValue() const /home/marxin/Programming/gcc2/libsanitizer/ubsan/ubsan_value.cpp:77
     #1 0x7ffff7548719 in __ubsan::Value::isNegative() const /home/marxin/Programming/gcc2/libsanitizer/ubsan/ubsan_value.h:190
     #2 0x7ffff7542a34 in handleShiftOutOfBoundsImpl /home/marxin/Programming/gcc2/libsanitizer/ubsan/ubsan_handlers.cpp:338
     #3 0x7ffff75431b7 in __ubsan_handle_shift_out_of_bounds /home/marxin/Programming/gcc2/libsanitizer/ubsan/ubsan_handlers.cpp:370
     #4 0x40067f in main (/home/marxin/Programming/testcases/a.out+0x40067f)
     #5 0x7ffff72c8b24 in __libc_start_main (/lib64/libc.so.6+0x27b24)
     #6 0x4005bd in _start (/home/marxin/Programming/testcases/a.out+0x4005bd)

Differential Revision: https://reviews.llvm.org/D97263

Cherry-pick from 16ede0956cb1f4b692dfa619ccfa6ab1de28e19b.
---
  libsanitizer/ubsan/ubsan_value.cpp | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

-- 
2.30.1

Patch

diff --git a/libsanitizer/ubsan/ubsan_value.cpp b/libsanitizer/ubsan/ubsan_value.cpp
index 79c3ba991d3..40042bf3a90 100644
--- a/libsanitizer/ubsan/ubsan_value.cpp
+++ b/libsanitizer/ubsan/ubsan_value.cpp
@@ -74,7 +74,7 @@  SIntMax Value::getSIntValue() const {
      // to SIntMax.
      const unsigned ExtraBits =
        sizeof(SIntMax) * 8 - getType().getIntegerBitWidth();
-    return SIntMax(Val) << ExtraBits >> ExtraBits;
+    return SIntMax(UIntMax(Val) << ExtraBits) >> ExtraBits;
    }
    if (getType().getIntegerBitWidth() == 64)
      return *reinterpret_cast<s64*>(Val);